<?php
/*
Bitsand - a web-based booking system for LRP events
Copyright (C) 2006, 2007 Russell Peter Phillips

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

include ('../inc/inc_head_db.php');
require ('../inc/inc_admin.php');
require ('../inc/inc_root.php');
include ('../inc/inc_head_html.php');

$db_prefix = DB_PREFIX;

if ($_POST ['btnSubmit'] != '' && CheckReferrer ('admin/root_admins.php')) {
	if ($_POST ['btnSubmit'] == 'Revoke')
		$sAccess = '';
	elseif ($_POST ['btnSubmit'] == 'Add')
		$sAccess = 'admin';
	//Cast the player ID to an integer, since it should be an integer anyway
	$id = (int) $_POST ['txtID'];
	$sql = "UPDATE {$db_prefix}players SET plAccess = '$sAccess' WHERE plPlayerID = $id";
	ba_db_query ($link, $sql);
}
?>
<script src="../inc/sorttable.js" type="text/javascript"></script>

<h1><?php echo TITLE?> - Administrators</h1>

<p>
<a href = 'admin.php'>Admin</a>
</p>

<h3>Current Admins</h3>

<table class = 'sortable'>
<tr><th>PlayerID</th><th>First Name</th><th>Surname</th></tr>
<?php
$sql = "SELECT plPlayerID, plFirstName, plSurname FROM {$db_prefix}players WHERE plAccess = 'admin'";
$result = ba_db_query ($link, $sql);
while ($row = ba_db_fetch_assoc ($result)) {
	echo "<tr><td>{$row ['plPlayerID']}</td>\n";
	echo "<td>{$row ['plFirstName']}</td>\n";
	echo "<td>{$row ['plSurname']}</td></tr>\n";
}
?>
</table>

<form action = 'root_admins.php' method = 'post'>
<p>
To make a user an admin, enter the player ID (just the number, not including the prefix or leading zeros) and click Add:<br>
Player ID: <input name = 'txtID'>
<input type = 'submit' name = 'btnSubmit' value = 'Add'>
</p>
</form>

<form action = 'root_admins.php' method = 'post'>
<p>
To revoke a user's admin access, enter the player ID (just the number, not including the prefix) and click Revoke:<br>
Player ID: <input name = 'txtID'>
<input type = 'submit' name = 'btnSubmit' value = 'Revoke'>
</p>
</form>

<?php
include ('../inc/inc_foot.php');
?>
